- remove cve fixes which are included in this release
- remove the fix for bzip2. meson.build was improved so this is not
required anymore
- inherit bash-completion
This releases contains a lot of bugfixes. The below list is not
exhaustive.
Core:
- Font handling improvements:
* Font loading on start massively sped up.
* As an exception, Skia font family (apparently quite common on macOS)
is special-cased because it behaves weirdly and was not working with
current font handling.
* Various other fixes related to font handling.
* We now wait for fonts to be fully loaded before loading any file.
- Command Line Interface:
* Option -i / --no-interface is not shown anymore on `gimp-console`
binary (it can still be used — it does nothing there anyway —, which
allows to use the same sets of option with the GUI binary, and also
so that existing shell scripts don't break).
* Option --show-debug-menu is not hidden anymore for discoverability.
* The `gimp-3.0` executable can now run with --no-interface even when
no display is available (ex: virtual terminal with no window
manager/compositor, containers, etc.). This used to only work with
`gimp-console-3.0` executable.
- Windows:
* output CLI messages to the parent console like Linux and macOS.
* Ctrl+C signals are now correctly handled in the attached console.
* The attached console supports color too.
* Interpreters are run conditionally if running in console.
- macOS: default to "quartz" Input Method for emoji keyboard support.
- Wayland: wait before we get our first surface before listing input
devices to work around a Wayland limitation and GTK bug.
- Default "Search" feature in GTK3 is now disabled in the component
editor in the Channels dockable.
- Several fixes related to Quick Mask handling.
- Fixed some cases where config migration from GIMP 2 to GIMP 3 was
problematic.
- Several buggy undo cases were fixed.
- Several fixes related to pass-through group layers.
- Export will now be properly triggered even if no drawables are
selected (this is not a requirement anymore with GIMP 3 API).
- Path import and export respectively from and to SVG improved.
- Serialize colors in legacy GimpRGB format into a XCF when the XCF
version is older than GIMP 3 for backward compatibility.
Tools:
- Symmetry: fix initial stroke symmetry when using pixmap brushes.
- Move tool: fixed weird position jumps in some cases.
Graphical User Interface:
- Center buttons in overlay dialogs.
- Headerbar's (when titlebar and menubar are merged) button colors
now match our theme.
- Dialogs' header icon and view will now scale based on custom icon
size.
- Resize dialog: Canvas Size fill combo set to insensitive if layers
won't be resized.
- Navigation and Selection editor will now properly match the theme
(in particular, in dark mode, they won't show large bright area).
- Do not show outlines when hovering the absent "Fx" icon anymore,
which was confusing people into making it look like you could click
and interact with this empty area.
Plug-ins:
- Fixes on: OpenRaster export, TIFF import, Map Object, PDF export,
Gradient Flare, ANI export, Script-Fu, DDS export, Fractal Explorer,
PSP import, ICO import, XWD import, PSD import, WebP export, ICNS
import, Gimpressionist, JPEG 2000 import, Busy Dialog.
- Scale entries have been replaced by spin scale widgets in a bunch of
plug-ins.
- Fixed vulnerabilities: ZDI-CAN-28376, ZDI-CAN-28311, ZDI-CAN-28273,
ZDI-CAN-28158, ZDI-CAN-28232, ZDI-CAN-28265, ZDI-CAN-28530,
ZDI-CAN-28248, PSP issue 15732.
- Script-Fu improved to not initialize UI code unnecessarily (and
therefore make it unusable on systems without a display).
API:
- libgimp:
* Fixes where made in libgimp metadata object.
* Make GExiv2Metadata as parent of GimpMetadata visible to
Gobject-Introspection tools (bindings were missing this
information).
* Fixes made on: gimp_drawable_get_thumbnail(),
gimp_drawable_get_sub_thumbnail(), gimp_drawable_filter_new(),
gimp_proc_view_new(), gimp_procedure_set_sensitivity_mask(),
gimp_procedure_dialog_get_spin_scale().
* Remove thumbnail metadata before writing it on export, to make
sure we don't cary on metadata written by other software in
thumbnails.
- libgimpconfig:
* Improve error messaging on config deserialization.
* Fix gimp_config_serialize_value() when serializing file objects.
* New functions: gimp_config_get_xcf_version() and
gimp_config_set_xcf_version().
- libgimpcolor:
* gimp_color_is_perceptually_identical() docs clarified.
- libgimpbase:
* The host config directory is now shown in MSIX.
* The host config directory is now shown in flatpak.
- libgimpwidgets:
* Fixes made on: GimpLabelEntry, gimp_widget_free_native_handle().
- libgimpcolor:
* New function: gimp_cairo_surface_get_buffer()
* Deprecated function: gimp_cairo_surface_create_buffer() in favor
of gimp_cairo_surface_get_buffer().
The function implementation was also changed so that it does not
necessarily return a linear-memory backed buffer anymore (it
might, but developers should not have any expectation about this).
Build:
- Third-party binary plug-in support in the Snap backported from the
original third-party snap.
- Snap package for release is now created and submitted on a release
pipeline.
- Release URLs added to AppStream metadata.
- We do not build GEGL with Matting Levin for Windows builds anymore
because of crashes.
- Flatpak nightly builds will now show a pseudo-release visible with
`flatpak list`, showing proper version information.
- Windows installer now has a dark mode.
- Update changelog on MS Store (MSIX) releases.
- AppImage now ships with full MIDI support.
- Make it clearer that GExiv2 0.15.0 and over are incompatible
(because of API breakage).
- Improve build to ensure that the language list (shown in
Preferences) is localized during compilation. This also means that a
build machine should be set up for localization at build time when
optional language selection is enabled.
- We now require the generic C++14 standard, and not the GNU variant
anymore.
- MSVC support added.
- Various tweaks which used to be required to make packages work as
relocatable builds were dropped since babl and GEGL now have a
relocatable option working also on Linux.
- The `man` page of GIMP binaries was updated.
- The `gimp-console` binary is now shipped in the Flatpak.
- macOS pipeline added in our Gitlab CI.
- Make sure that harfbuzz is built with libgraphite2 shaper on macOS.
- Generate file associations for macOS automatically.
- A Bash completion file was added for `gimp` and `gimp-console`
binaries.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f8fcc9ccf5)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Fixes: #1023
Upstream seems to have regenerated the archive, as the checksum no
longer matches the one specified in the recipe:
|WARNING: hdf5-2.0.0-r0 do_fetch: Checksum failure encountered with download of https://support.hdfgroup.org/releases/hdf5/v2_0/v2_0_0/downloads/hdf5-2.0.0.tar.gz - will attempt other sources if available
|WARNING: hdf5-2.0.0-r0 do_fetch: Checksum mismatch for local file /buildcache/downloads/hdf5-2.0.0.tar.gz
|Cleaning and trying again.
|WARNING: hdf5-2.0.0-r0 do_fetch: Renaming /buildcache/downloads/hdf5-2.0.0.tar.gz to /buildcache/downloads/hdf5-2.0.0.tar.gz_bad-checksum_a7a8f43e76e825ea22234bc735d5b184e880d305e33e4c9bb93a3912421c9973
|ERROR: hdf5-2.0.0-r0 do_fetch: Checksum failure fetching https://support.hdfgroup.org/releases/hdf5/v2_0/v2_0_0/downloads/hdf5-2.0.0.tar.gz
|ERROR: hdf5-2.0.0-r0 do_fetch: Bitbake Fetcher Error: ChecksumError('Checksum mismatch!\nFile: \'/buildcache/downloads/hdf5-2.0.0.tar.gz\' has sha256 checksum \'a7a8f43e76e825ea22234bc735d5b184e880d305e33e4c9bb93a3912421c9973\' when \'6e45a4213cb11bb5860)
|ERROR: Logfile of failure stored in: /home/tgamblin/workspace/yocto/openembedded-core/build/tmp/work/x86-64-v3-poky-linux/hdf5/2.0.0/temp/log.do_fetch.2054297
However, the tarballs look identical. Update the hash and be explicit
about downloadfilename to avoid any mirroring issues. A note has been
left that this measure can be removed with a future upgrade.
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit f0f02434c8)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
The default ${PN} (python3-scapy) CVE fails to match relevant CVEs,
because they are tracked under the scapy:scapy CPE.
Set CVE_PRODUCT to the correct value.
See CVE db query:
sqlite> select * from products where product like '%scapy%';
CVE-2019-1010142|scapy|scapy|2.4.0|=||
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6f68f5fce7)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
The related CVEs are tracked with "xerces-c\+\+" (sic).
See CVE db query:
sqlite> select vendor, product, count(*) from PRODUCTs where product like '%xerces%' group by 1, 2;
apache|xerces-c\+\+|29
apache|xerces-j|2
apache|xerces2_java|3
redhat|xerces|3
Set CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 29a272744a)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
The relevant CVEs are tracked with underscore in their name.
See CVE db query:
sqlite> select vendor, product, count(*) from PRODUCTs where product like '%boinc%' group by 1, 2;
berkeley|boinc_client|2
berkeley|boinc_forum|1
universityofcalifornia|boinc_client|165
universityofcalifornia|boinc_server|5
Set the CVE_PRODUCT accordingly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 31de060b48)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
The CVEs are tracked with an underscore in the product name:
sqlite> select * from PRODUCTs where product like '%async%mq%';
CVE-2025-65503|redboltz|async_mqtt|10.2.5|=||
This patch sets the correct CVE_PRODUCT.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 4da079d7f5)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
The relevant CVEs are associated with usc:cereal CPE.
See CVE db query:
sqlite> select * from PRODUCTS where PRODUCT like '%cereal%';
CVE-2020-11104|usc|cereal|||1.3.0|<=
CVE-2020-11105|usc|cereal|||1.3.0|<=
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6e936626cb)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
All relevant CVEs are files against these CPEs.
See CVE db query (zediious vendor is not relevant):
sqlite> select * from PRODUCTs where PRODUCT like '%raptor%' and vendor <> 'symantec' and product <> 'velociraptor';
CVE-2012-0037|librdf|raptor|||2.0.7|<
CVE-2017-18926|librdf|raptor_rdf_syntax_library|2.0.15|=||
CVE-2020-25713|librdf|raptor_rdf_syntax_library|2.0.15|=||
CVE-2023-49078|zediious|raptor-web|0.4.4|=||
CVE-2024-57822|librdf|raptor_rdf_syntax_library|||2.0.16|<=
CVE-2024-57823|librdf|raptor_rdf_syntax_library|||2.0.16|<=
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 15aca0b2fa)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Build fails for qemuarm with musl with following error:
/build/tmp/work/cortexa15t2hf-neon-poky-linux-musleabi/libjxl/0.11.1/sources/libjxl-0.11.1/lib/jxl/convolve_separable5.cc
| error: out of range pc-relative fixup value
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 63ae47a70d)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
This is a maintenance release. The following items were fixed or added:
GUI: Fixed VirtualBox VM Manager crash when host was resuming from sleep (github:gh-121, github:gh-170)
GUI: Updated native language support for Traditional Chinese, Greek, Swedish, Hungarian and Indonesian translations
NAT: Fixed issue when multiple port forwarding rules affected NAT functionality (github:gh-232)
Linux host and guest: Introduced initial support for kernel 6.18
Linux Guest Additions: Introduced additional fixes for RHEL 9.6 and 9.7 kernels (github:GH-12)
Windows Guest Additions: Introduced additional fixes for issue when installation was failing in Windows XP SP2 guest (github:GH-142)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Bruce Ashfield <bruce.ashfield@gmail.com>
(cherry picked from commit 0ecf2814b2)
Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
Gyorgy Sarvari
Markus Volk
Tom Geelen
Trevor Gamblin
Peter Marko
Liu Yiding
Sanjay Chitroda
Jason Schonberg
Khem Raj
Ankur Tyagi
Wang Mingyu